Advertising

https://fedorahosted.org/freeipa/ticket/5250
Use cases:
1. When user/service is deleted, associated vault container looses
owner. There was no API command to set the owner.
2. Change owner of container by admin to manage access.
Show command was added to show current owners.
Find command was not added, should it be?

There is also a design for vault container ownership handling created by
Endi - it's for future Vault 2.0.

This patch has a different API than the proposed - different way of
specifying the container. The design page uses path e.g. /users/foobar.
This patch uses the same way as vaults e.g. --user=foobar. This means
that the implementation in this patch cannot manage ownership of parent
vault containers e.g. cn=users,cn=vaults,cn=kra,$SUFFIX.

Do we want to go with this approach in 4.2?

Attaching also new path which removes setting of owner which doesn't
exist so that integrity is OK and that it is consistent with removing of
user.